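<?php
/**
 * Pay-back page: loads one bill and the current user's share of it, then
 * (further down the file) renders a PayPal "Buy Now" form for that share.
 *
 * Inputs:
 *   $_GET['id']      - id of the bill to pay back (request-controlled).
 *   $_SESSION['id']  - id of the logged-in user (presumably set at login;
 *                      confirm against checkLoggedin()/connect_db.php).
 *
 * Outputs used by the template below:
 *   $the_bill - bill row joined with its owner's user row.
 *   $the_pay  - the same bill joined with the current user's bills_users row.
 */
include 'connect_db.php';

if (!checkLoggedin())
{
    header('Location: login.php');
    // header() only queues the redirect. Without exit the queries and the
    // whole page below still run and are sent to the unauthenticated client.
    exit;
}

// Both ids are concatenated into SQL below, so force them to integers first.
// A non-numeric or missing id becomes 0 and is rejected instead of reaching
// the query text.
$bill_id = isset($_GET['id']) ? (int) $_GET['id'] : 0;
// NOTE(review): assumes the session id is numeric, as the unquoted
// comparison in the original query implies.
$user_id = isset($_SESSION['id']) ? (int) $_SESSION['id'] : 0;

if ($bill_id <= 0 || $user_id <= 0)
{
    header('HTTP/1.1 404 Not Found');
    exit('Bill not found.');
}

// NOTE(review): the mysql_* extension is deprecated and removed in PHP 7.
// Moving to mysqli/PDO prepared statements needs the connection set up in
// connect_db.php, which is not visible here; the integer casts above are the
// minimum needed to keep these two queries injection-free in the meantime.
$sql = "SELECT * FROM bills B JOIN users ON users.id = B.user_id WHERE B.id = " . $bill_id;
$bill_result = mysql_query($sql);

$sql = "SELECT * FROM bills B, bills_users A, users U, categories C WHERE A.user_id = " . $user_id . " AND A.bill_id = B.id AND U.id = B.user_id AND B.category_id = C.id AND B.id = " . $bill_id;
$pay_result = mysql_query($sql);

// mysql_query() returns false on failure; only fetch from a real result.
$the_bill = $bill_result ? mysql_fetch_array($bill_result) : false;
$the_pay = $pay_result ? mysql_fetch_array($pay_result) : false;

// The first query is not scoped to the current user. Requiring a row from the
// second (user-scoped) query keeps the owner's name and notes of a bill from
// being shown to a logged-in user who has no share in it.
if (!$the_bill || !$the_pay)
{
    header('HTTP/1.1 404 Not Found');
    exit('Bill not found.');
}
?>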

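<?php include('templates/main/header.php'); ?>
<?php
// Renders the PayPal "Buy Now" form for the current user's share of the bill.
// Reads $the_bill and $the_pay, which are loaded at the top of this file.
//
// firstname, lastname and notes are user-entered values stored in the
// database, so they are HTML-escaped before being written into the page.
// The charset argument is left at PHP's default; pass it explicitly if the
// header template declares a different encoding.
//
// NOTE(review): the amount is an editable text field posted by the browser
// straight to PayPal, so this page does not enforce what is actually paid.
// Whatever marks a bill as settled should compare the amount PayPal reports
// server-side with the expected share rather than trust this form.
// NOTE(review): the return URL is a fixed plain-http address; confirm it is
// the intended landing page and that landing on it is not treated as proof
// of payment.
$payee_name = htmlspecialchars($the_bill['firstname'] . ' ' . $the_bill['lastname'], ENT_QUOTES);
$bill_notes = htmlspecialchars($the_bill['notes'], ENT_QUOTES);
// Share owed by the current user, rounded to cents.
$share_amount = round($the_bill['amount'] * $the_pay['shared_scale'], 2);
?>
<div id="body">
    <div id="content" class="right_sidebar">
    <form action="https://www.paypal.com/cgi-bin/webscr" method="post">
      <h3>Pay <?php echo $payee_name . ' back for ' . $bill_notes . '.'; ?></h3>
        <input type="hidden" name="cmd" value="_xclick">
        <input type="hidden" name="business" value="accounts@freelanceswitch.com">
        $<input type="text" name="amount"
               value=<?php echo '"' . $share_amount . '"'; ?>>
        <input type="hidden" name="no_shipping" value="0">
        <input type="hidden" name="no_note" value="1">
        <input type="hidden" name="currency_code" value="USD">
        <input type="hidden" name="lc" value="AU">
        <input type="hidden" name="bn" value="PP-BuyNowBF">
        <input type="hidden" name="return" value="http://net.tutsplus.com/payment-complete/">
        <br /><br />
        <input type="submit" value="Pay with PayPal!">
    </form>
  </div>
</div>
<?php include('templates/main/footer.php'); ?>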